[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: defining networks/prefix and host wildcards, and IPsec.
-----BEGIN PGP SIGNED MESSAGE-----
At 06:52 PM 8/16/97 -0400, Michael Richardson wrote:
> For networks and prefixes, we could say things like:
> (subject (name IANA IStar Achilles Sandelman))
>
> {is IANA or Internic officially the owner for all IP addresses?}
>
> which would work fine given certs which said something like:
> (cert (issuer (hash IANA's key))
> (subject (hash IStar's key))
> (tag (name IStar)))
> ... (this is how one defines SDSI names, right?)
No, that's the older style. One would use:
(cert (issuer (name K_IANA istar))
(subject K_istar)
(tag (*))
)
where K_x is a key or a hash. The hash saves space, especially if you use
the key multiple times. The key, instead of a hash, saves some time in the
verifier.
> and some certs like:
> (cert (issuer (name IANA))
> (subject (name IANA IStar))
> (tag (route (* range "binary" #CDE93000#[ipv4] #CDE93FFF#[ipv4]))))
The syntax should be
(tag (route (* range binary [ipv4] #CDE93000# [ipv4] #CDE93FFF# ) ) )
and the [ipv4] should probably be a more complete MIME type, although I'm
not a MIME bigot. I'd be inclined to leave it off, but now that we're facing
a world with multiple IP address lengths, we might need it.
> [IStar owns 205.233.48.0/20]
The strings you gave are for a wider range of IP addresses. Where's the typo?
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNAL/YlQXJENzYr45AQH18AQAkM8m4e247HYJeYfjstCIkrWS8VOC9qNT
5JpZasB8+6Osm3iQ0Xy/8zDtEsX5pOyR5MoxkabSAiFRmzRtErPKYFmbsJCJy/wV
HnpxhICcJghO2IMiLAR3uwN22UXXcNvxHdVNiyZikkXa+8o/4U3vk4hxNEsT7fkw
qsKd9X9Axrk=
=YrhK
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
Follow-Ups:
References: